What is CVE-2016-6268?

CVE-2016-6268 is a high-severity vulnerability in Trendmicro Smart_protection_server, classified under CWE-264. CVSS score: 7.8/10. Published 2017-01-30.

How severe is CVE-2016-6268?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Trendmicro Smart_protection_server

CVE-2016-6268

Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps director…

EPSS: 0.001 (23.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Trendmicro Smart_protection_server — versions 2.5, 2.6, 3.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (Technical Description, Exploit, Third Party Advisory, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Patch, Mitigation, Vendor Advisory)

Frequently asked questions

What is CVE-2016-6268?: CVE-2016-6268 is a high-severity vulnerability in Trendmicro Smart_protection_server, classified under CWE-264. CVSS score: 7.8/10. Published 2017-01-30.
How severe is CVE-2016-6268?: High severity. CVSS v3 base score is 7.8 out of 10.